CrazyEngineers
CrazyEngineers
  • Are you using Chrome Password Manager?
    If the answer is 'Yes', do you know that that anyone who has access to your machine can view the passwords you have saved in Chrome?



    All you need to do is go to chrome://settings/passwords and press the "show" button next to any saved password. It will show your saved password in clear text.

    now you must be wondering that it is a big time defect. No! Do you know that google says that this is an intended behavior. Per Google, it's how the password manager is supposed to work. In fact, it's the only way it can work.

    Per Google Chrome password manager works by remembering the username and password and then fills that at the login screen. The password must be in clear text, otherwise browser wouldn't be able to us that with the remember me feature.

    Of course, you can't read the password that's been auto-filled in the input field since characters are replaced by asterisks. But that's a very basic method of protection; the real characters are still available through a number of tricks.

    Now, what do you say?
    DO you think Using Chrome Password Manager is safe? or do you have any other tricks that you would like to suggest Google?

    -CB
    Replies
Howdy guest!
Dear guest, you must be logged-in to participate on CrazyEngineers. We would love to have you as a member of our community. Consider creating an account or login.
Replies

  • Kaustubh Katdare

    AdministratorAug 8, 2013

    That bug has existed for a long time. Double authentication is the way to address all the password theft issues.
    Are you sure? This action cannot be undone.
    Cancel

  • Sarathkumar Chandrasekaran

    MemberAug 8, 2013

    You have created a big awareness buddy.better avoid "save password" screen.😲
    Are you sure? This action cannot be undone.
    Cancel

  • Nayan Goenka

    MemberAug 8, 2013

    Well I am shocked to know that most people didnt know this. Of course you can see your saved passwords. There was a concept in design while developing the cloud based Chrome that you need a verification code in order to review security settings in the browser. They should separate history, cookies, cache, autofill and password monitoring into a different tab which is regualarly synced and needs a master password for editing.
    Are you sure? This action cannot be undone.
    Cancel

  • Jeffrey Arulraj

    MemberAug 8, 2013

    Seriously an eye opener mate I never want my family members to troll through my personal mail id and stuff Thanks for the share

    Well Data once stored in Internet can't be erased completely right Does this hold good here as well
    Are you sure? This action cannot be undone.
    Cancel

  • Nayan Goenka

    MemberAug 8, 2013

    that is the whole reason why people dont allow others to touch their laptops/computers. What is the real data they dont want to lose, apart from accounts and business related, Browser data is extremely crucial. It has a lot of cookies and cache saved which may contain security details and licenses which are authorized to other accounts. This can be used to hack others. Many people say I dont have anything confedential in my email so I dont care if anyone hacks me. But what they miss is that the aim of the hacker was not to hack you but to use your account to hack someone more important. Who goes in jail if caught?? You. This is a major chapter when you learn about software and cyber security.
    Are you sure? This action cannot be undone.
    Cancel
Home Channels Search Login Register